sqreen 1.15.7.beta1-java → 1.15.7-java
- checksums.yaml +4 -4
- data/lib/sqreen/rules_callbacks/blacklist_ips.rb +26 -10
- data/lib/sqreen/trie.rb +1 -0
- data/lib/sqreen/version.rb +1 -1
- metadata +4 -4
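--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ab0f7f327746411e048e85c39d5a85eb0e5160de4561d9dd996b689313db356e
+data.tar.gz: a6b48b211b1694a109e57e394ceec8c678b31585a3313211d028ab0798467b2d
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 3e951226c019ee021a9203609971bef97b9bc738f43a624c41e4eedae17803009f3d6232f336422522b6f9b0453b631423674327c5f3ebb78db1e7a7f0506905
+data.tar.gz: 19297ce483987c4c714a76b76409ca7139ebda5ec01f4da7ca79ce5d80a6faa1b37d732df9548037c00319ac1b82e40f906c384e29dfb9a869c088fc0010cd89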
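--- a/data/lib/sqreen/rules_callbacks/blacklist_ips.rb
+++ b/data/lib/sqreen/rules_callbacks/blacklist_ips.rb
@@ -1,7 +1,7 @@
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 
-require '
+require 'sqreen/trie'
 
 require 'sqreen/rule_callback'
 
@@ -11,8 +11,9 @@ module Sqreen
 class BlacklistIPsCB < RuleCB
 def initialize(klass, method, rule_hash)
 super(klass, method, rule_hash)
-@
-Sqreen.
+@trie_v4 = Sqreen::Trie.new
+@trie_v6 = Sqreen::Trie.new(nil, nil, Socket::AF_INET6)
+insert_values(@data['values'])
 end
 
 def pre(_inst, _args, _budget = nil, &_block)
@@ -26,18 +27,33 @@ module Sqreen
 advise_action(:raise, :skip_rem_cbs => true)
 end
 
-
+private
+
+def insert_values(ranges)
+Sqreen.log.info 'no ips given for IP blacklisting' if ranges.empty?
+
+ranges.map { |r| Prefix.from_str(r, r) }.each do |prefix|
+trie_for(prefix).insert prefix
+end
+end
+
+def trie_for(prefix)
+prefix.family == Socket::AF_INET6 ? @trie_v6 : @trie_v4
+end
 
 # Is this a blacklisted ip?
 # return the ip blacklisted range that match ip
 def find_blacklisted_ip(rip)
-
-
+begin
+ipa = IPAddr.new(rip)
+rescue
+Sqreen.log.info "invalid IP address given by framework: #{rip}"
+return nil
 end
-
-
-
-
+
+range = trie_for(ipa).search_best(ipa.to_i, ipa.family)
+return nil unless range
+range.data
 end
 end
 end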
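Review bot: In `find_blacklisted_ip` the trie is selected from `ipa.family` alone, so a client address that the framework reports in IPv4-mapped form (`::ffff:a.b.c.d`, common on dual-stack listeners) is searched in `@trie_v6` and would never be compared against the IPv4 blacklist entries, unless `Sqreen::Trie` normalizes it internally (trie.rb is not shown on this page). Normalizing straight after parsing closes that gap: `ipa = IPAddr.new(rip).native`. The rescue branch also fails open and interpolates the raw `rip` into an info-level log line; because that value may come from request headers, `Sqreen.log.warn "invalid IP address given by framework: #{rip.inspect}"` keeps control characters out of the log and makes skipped checks easier to spot. In `insert_values`, a nil `@data['values']` or a single malformed range would presumably raise during `initialize` and leave the rule without any blacklist, so a per-entry rescue with a log line is worth considering.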
data/lib/sqreen/trie.rb
CHANGED
data/lib/sqreen/version.rb
CHANGED
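--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-version: 1.15.7
+version: 1.15.7
 platform: java
 authors:
 - Sqreen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-11-
+date: 2018-11-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 requirement: !ruby/object:Gem::Requirement
@@ -148,9 +148,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
-- - "
+- - ">="
 - !ruby/object:Gem::Version
-version:
+version: '0'
 requirements: []
 rubyforge_project:
 rubygems_version: 2.7.7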